CVE-2018-1229

CVE-2018-1229

Vendor Spring By Pivotal
Product Spring Batch Admin
Weakness CWE-79 · XSS
Published March 21, 2018
Last update September 17, 2024

CVSS base score

What the vulnerability does

01Description

Pivotal Spring Batch Admin, all versions, contains a stored XSS vulnerability in the file upload feature. An unauthenticated malicious user with network access to Spring Batch Admin could store an arbitrary web script that would be executed by other users. This issue has not been patched because Spring Batch Admin has reached end of life.

Key dates

02Disclosure timeline

March 21, 2018 CVE published
September 17, 2024 Record updated